The Revised Payment Services Directive (PSD2), is an expansion of the original Payment Services Directive which was implemented throughout the European Union in 2007. The original Directive was introduced to regulate and facilitate online payment services within the EU and the wider European Economic Area. PSD2 will further encourage the concept of open banking and make online payments throughout all Member States easier, faster and safer for the consumer. What does this new concept of online payment mean for your business?
Open Banking: PSD2 facilitates open banking throughout Europe, requiring the major banks to relinquish their control over their customers’ financial data and their own application programming interfaces (APIs). Independent third parties can request access who can use this information to develop services that can be tailored to suit individual customer needs.
Strong Customer Authentication (SCA): PSD2 is intended to benefit the consumer by improving their rights as well as upgrading the security features for online transactions through the introduction of Strong Customer Authentication (SCA). This will require the consumer to verify their identity by using two-factor authentication, for example, combining password entry with fingerprint.
In summary, PSD2 promotes the development and use of innovative payment services and regulates 1. Account information services and 2. Payment initiation services.
How does it affect my business?
Banking institutions and payment service providers will have to comply with the new Directive. Online shops/merchants will have to upgrade their own systems; ensuring that your process of online payments is up to date and fully compliant. Inform your customers around the changes and the rules on access to systems and use of payment account information.
Banks are obliged, only at the moment the customer gives consent, to provide access to specific institutions (financial service providers) such as apps and fintech companies, of customers’ payment accounts and payment details.
Current banking operating models are largely closed, whereby banks own the customer interface, through which they offer their own products.
In the new model, banks are obliged, only at the moment the customer gives consent, to provide access to specific institutions (financial service providers) such as apps and FinTech companies, of customers’ payment accounts and payment details. The old model moves into a data-intensive platform with access to platform- several financial services providers to offer customers tailored, good-value products. (e.g., TransferWise online money transfer company)
Parts of the directive, including changes to consumer rights and the ban on surcharging for use of debit-and credit cards, came into force in January 2018. The major feature like Strong Customer Authentication (SCA) is now in full effect.